First question back is: Why do you want to do that? You should have a *very* good reason to rely on the default-policies.
Back to your question: It depends on your IOS-version.
IOS < 12.4(20)T: The default-policy is always active
Global IKE policy
Default protection suite
encryption algorithm: DES - Data Encryption Standard (56 bit keys).
hash algorithm: Secure Hash Standard
authentication method: Rivest-Shamir-Adleman Signature
Diffie-Hellman group: #1 (768 bit)
lifetime: 86400 seconds, no volume limit
IOS ≥ 12.4(20)T: The default-policies are only active if you don't configure your own policies. The default policies are the following:
Priority | Enc | Hash | Auth | DH-Group | Lifetime |
65507 | AES 128 | SHA-1 | RSA-Sig | 5 (1536 bit) | 86400s |
65508 | AES 128 | SHA-1 | PSK | 5 (1536 bit) | 86400s |
65509 | AES 128 | MD-5 | RSA-Sig | 5 (1536 bit) | 86400s |
65510 | AES 128 | MD-5 | PSK | 5 (1536 bit) | 86400s |
65511 | 3DES | SHA-1 | RSA-Sig | 2 (1024 bit) | 86400s |
65512 | 3DES | SHA-1 | PSK | 2 (1024 bit) | 86400s |
65513 | 3DES | MD-5 | RSA-Sig | 2 (1024 bit) | 86400s |
65514 | 3DES | MD-5 | PSK | 2 (1024 bit) | 86400s |
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
